Security Alert

June 18 Phishing Attempt

Sunday, June 18, 2017, many UA employees received a phishing email with the subject title “Urgent-Important Campus Alert”

This email appeared to come from the “University of Alabama” however, it did not originate from a legitimate UA account, it is a phishing attempt. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

June 14 Phishing Attempt

Wednesday, June 14, 2017, many UA employees received a phishing email with the subject title “Kindly Verify The Identity of your Account!!”

This email appeared to come from the “University of Alabama” email address its@ua.edu; however, it did not originate from a legitimate UA account, it is a phishing attempt. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

June 13 Phishing Attempt

Tuesday, June 13, 2017, many UA employees received a phishing email with the subject title “Request closed”.

This email appeared to come from the “Information Technology Service” which was posing as the IT Service Desk. This email did not originate from the IT Service Desk, it is a phishing attempt. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

DUO Now Applied to Crimson Mail

Good news UA students, your Crimson Mail account is now secured under the same DUO protection as your myBama account!

If you are an active DUO user, DUO is now applied to your Crimson Mail account.

What does this mean for you?
Your email is better protected under the same two-factor authentication that your myBama account currently receives.

How does it work?
When you go to mail.crimson.ua.edu to check your email, you will now see the standard DUO prompt that you see when logging into myBama. You will follow the same procedure as you typically would when logging into myBama. You can even use the Remember Me for 30 Days feature!

If you use a smart phone mail app (like outlook or your device’s standard Mail App) for your Crimson Mail, you will not notice any change. You will be able to use your Crimson Mail as you typically would.

Enjoy the perks of free DUO Two Factor Authentication as a UA Student!
We are happy to help protect your accounts and keep UA Cyber Aware. If you have any questions about DUO, like what to do if you get a new smartphone, please check out the frequently asked questions on our website. You can also call our IT Service Desk at 205-348-5555 for additional questions.

Crimson Mail to be Protected with DUO

Beginning Monday, June 12, 2017, OIT will add DUO protection to Crimson mail accounts.

What does this mean for you?
If you are an active DUO user, DUO will be applied to your Crimson Mail account. Your email will be better protected under the same two-factor authentication that your myBama account currently receives.

How will it work?
When you go to mail.crimson.ua.edu to check your email, you will see the standard DUO prompt that you see when logging into myBama. You will follow the same procedure as you typically would when logging into myBama. You can even use the Remember Me for 30 Days feature!

If you use a smart phone mail app (like outlook or your device’s standard Mail App) for your Crimson Mail, you will not notice any change. You will be able to use your Crimson Mail as you typically would.

Where can I go for help?
We are happy to help protect your accounts and keep UA Cyber Aware. If you have any questions about DUO, like what to do if you get a new smartphone, please check out the frequently asked questions at oit.ua.edu/duo.

You can also contact the IT Service Desk at 205-348-5555 for additional questions.

Wanna Cry Ransonware Virus – What You Need to Know

Last Friday, a ransomware virus entitled “Wanna Cry” made its appearance on the internet, and has been rapidly infecting systems across the globe.

This virus targets Microsoft Windows Operating Systems XP through 2012, and it can spread virally among vulnerable machines without requiring a user to open emails, click on links, or take any other action.

OIT encourages all UA faculty and staff to ensure your machines are up to date with Microsoft patches, especially the recently released MS17-010 patch that was distributed in March.

Also, please take advantage of OIT’s free McAfee Antivirus software which is available for immediate download and installation at https://oit.ua.edu/software/mcafee-virus-protection/. Although this particular virus “Wanna Cry” targets Windows operating systems, OIT encourages both PC and Mac users to utilize McAfee Antivirus Software.

Additionally, OIT encourages that if you have any data stored locally on your machine, that you back it up to Box, UA’s free, unlimited cloud storage system.

If you have any questions about the virus, think you might be a victim, or if you need help downloading McAfee Antivirus software to your machine, please contact the IT Service Desk at 205-348-5555.

May 2, 2017 – Phishing Attempt

Wednesday, May 2, 2017, many UA employees received a phishing email with the subject title “Tatum (Lexi) Mcculley has shared a document on Google Docs with you”.

This email is a phishing attempt that asks you to click on a link to Google Docs.  When users click on the file, the fake Google Docs will seek permission to access your account. Users who click on the link and follow through with the process should go to Google’s account permissions to deny access.

If you haven’t already, please delete the email.

If you did receive this email, and you did click on the attachment, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

April 22 Phishing Attempt

Saturday, April 22, 2017, several UA employees received a phishing email with the subject title “Urgent: Webmail Quota”.

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Student Phishing Attempt April 21

Friday, April 21, 2017, many UA students received a phishing email from a compromised crimson email account. 

This email is a phishing attempt designed to steal usernames, passwords, credit card information and to possibly infect your system with malicious code. Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the ITService Desk with questions and concerns 205-348-5555or itsd@ua.edu.

April 19 Phishing Attempt

Wednesday, April 19, 2017, many UA employees received a phishing email with the subject title “Unusual Login Attempt.”

This email is a phishing attempt designed to steal usernames and passwords, and to possibly infect your system with malicious code.  Please remember that The University of Alabama does not send out these types of messages. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the links to provide your username and password, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.